3 matches found
CVE-2024-29142
CVE-2024-29142 affects the WordPress plugin Better Search (Better Search – Relevant search results for WordPress) with a Stored Cross-Site Scripting (XSS) vulnerability in versions up to and including 3.3.0. Public sources confirm an XSS issue arising from improper input handling during web page ...
CVE-2021-4400
The CVE-2021-4400 entry concerns the WordPress Better Search plugin. A CSRF vulnerability exists in versions up to 2.5.2 caused by missing or incorrect nonce validation in bsearch_process_settings_import() and bsearch_process_settings_export(). This enables unauthenticated attackers to import and...
CVE-2021-4373
The CVE-2021-4373 entry concerns the WordPress Better Search plugin with a Cross-Site Request Forgery vulnerability in versions up to 2.5.2. The issue allows unauthenticated attackers to import settings by tricking a site administrator into performing a forged request. Impact: potential unauthori...